﻿using System;
using System.Collections;
using System.ComponentModel;
using System.Data;
using System.Drawing;
using System.Linq;
using System.Text;
using System.Windows.Forms;
using System.Data.SqlClient;
using Group16.Class_Library;

namespace Group16.Controller
{
    public partial class LoginForm : Form
    {
        private Account _account;
        public LoginForm()
        {
            InitializeComponent();
        }
        public Account Account
        {
            get { return _account; }
            set { _account = value; }
        }
        private bool CheckAccount(string usr, string pwd)
        {
            string connectString = "Server = MALLA-PC\\SQLEXPRESS; uid=sa; pwd=123456;Database = ElectronicDevicesDatabase";
            using (SqlConnection con = new SqlConnection(connectString))
            {
                using (SqlCommand com = new SqlCommand())
                {
                    try
                    {
                        com.CommandText = "Select UserName, PassWord From Account" + 
                                            " where UserName = @usr And PassWord = @pwd";
                        com.Connection = con;

                        SqlParameter para = com.CreateParameter();
                        para.ParameterName = "@usr";
                        para.Value = usr;
                        com.Parameters.Add(para);
                        SqlParameter paraPwd = com.CreateParameter();
                        paraPwd.ParameterName = "@pwd";
                        paraPwd.Value = pwd;
                        com.Parameters.Add(paraPwd);

                        con.Open();
                        if (com.ExecuteScalar() != null)
                            return true;
                        /*
                        string userName = com.ExecuteScalar().ToString();
                        if(String.Compare(userName,usr,true) == 0)
                            return true;
                        */
                    }
                    catch (SqlException e)
                    {
                        MessageBox.Show("Unable to connect to database\n" + e.Message, "Can not connect", MessageBoxButtons.OK, MessageBoxIcon.Error);
                    }
                }
            }
            return false;
        }

        private void btnLogin_Click(object sender, EventArgs e)
        {
            string usrName = txtUsrName.Text;
            string pwd = txtPwd.Text;
            Account = new Account();
            if (CheckAccount(usrName, pwd))
            {
                Account.UserName = usrName;
                Account.PassWord = pwd;
                Close();
            }
            else
            {
                lbMessage.Text = "Please! Make sure your user name and pass word!";
            }
        }
        private void CreateAccount(string name, string pwd)
        {
            string connectString = "Server = MALLA-PC\\SQLEXPRESS; uid=sa; pwd=123456;Database = ElectronicDevicesDatabase";
            using (SqlConnection con = new SqlConnection(connectString))
            {
                using (SqlCommand com = new SqlCommand())
                {
                    try
                    {
                        com.CommandText = "Insert into Account Values(@name,@pwd)";
                        com.Connection = con;
                        SqlParameter pmName = new SqlParameter();
                        pmName.ParameterName = "@name";
                        pmName.Value = name;
                        SqlParameter pmPwd = new SqlParameter();
                        pmPwd.ParameterName = "@pwd";
                        pmPwd.Value = pwd;

                        com.Parameters.Add(pmName);
                        com.Parameters.Add(pmPwd);
                        con.Open();
                        com.ExecuteScalar();
                    }
                    catch (SqlException e)
                    {
                        MessageBox.Show("Unable to insert to table" + e.Message);
                    }
                }
            }
        }
        private void btnCrtAccount_Click(object sender, EventArgs e)
        {
            string usr = txtUsrName.Text;
            string pwd = txtPwd.Text;
            if (!String.IsNullOrEmpty(usr) && !String.IsNullOrEmpty(pwd))
                CreateAccount(usr, pwd);
            else
                lbMessage.Text = "User name or password cannot be empty";
        }
        private void btnClose_Click(object sender, EventArgs e)
        {
            Close();
        }

       
    }
}
